Search CVE reports
31 – 40 of 407 results
Some fixes available 1 of 11
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Fixed | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Some fixes available 1 of 11
Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Fixed | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Some fixes available 1 of 11
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Fixed | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Some fixes available 1 of 11
Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Fixed | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Some fixes available 1 of 11
Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Fixed | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Some fixes available 1 of 11
Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Fixed | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Some fixes available 1 of 11
Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Fixed | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Memory safety bug present in Firefox 143 and Thunderbird 143. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Not affected | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Not affected | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox < 144 and Thunderbird < 144.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Not affected | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |